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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent temi adjustment. See 37 CFR 1.704(b). 

Status 

Responsive to communication(s) filed on 19 March 2004 , 
2a)n Tfiis action is FINAL. 2b)S This action is non-final. 

3) 0 Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) 13 Claim(s) 1-100 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) 0 Claim(s) is/are allowed. 

6) S Claim(s) 1-100 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) 0 Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) 0 The specification is objected to by the Examiner. 

10)EI The drawing(s) filed on 19 March 2004 is/are: a)S accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet{s) including the con-ection is required if the drawing($) is objected to. See 37 CFR 1.121(d). 
11 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)n Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-{d) or (f). 
a)nAII b)n Some * c)n None of: 

1 .□ Certified copies of the priority docunrients have been received. 

2. n Certified copies of the priority documents have been received in Application No. . 

3. n Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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1) ^ Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-413) 

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. . 

3) ^ Infomiation Disclosure Statement(s) (PTO/SB/08) 5) Q Notice of Infomial. Patent Application 

Paper No(s)/Mail Date 22252627. 6) □ Other: . 
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DETAILED ACTION 
Priority 

1 . Applicant's claim for the benefit of a prior-filed application under 35 U.S.C. 
119(a)-(e) or under 35 U.S.C. 120, 121, or 365(c) is acknowledged. Priority is claimed 
under Provisional Applications 60/509047. 

Information Disclosure Statement 

2. For tlie record, the Examiner acknowledges that the IDS submitted on 
05/28/2004 and 06/27/2005. It has been received and considered. 

Oath/Declaration 

3. For the record, the Examiner acknowledges that the Oath/Declaration submitted 
on 03/19/2004 has been received and considered. 

Dray^ings 

4. . For the record, the Examiner acknowledges that the Drawings submitted on 
03/19/2004 have been received and considered. 



Specification 

5. For the record, the Examiner acknowledges that the Specification submitted on 
03/19/2004 has been received and considered. 
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6. Pursuant to USC 131 , claims 1-100 are presented for examination. 

7. Claims 1-100 are pending. 

Claim Rejections - 35 USC § 103 

8. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not Identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-100 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Bacha et al. (US Patent No. 6839843 A1) and further in view of Riddle (US 
Patent No. 5.572,582). 

Regarding claims 1. 25. 49 and 73 , Bacha et al . discloses a card device for 
communication with an electronic device, comprising: a capabilities list 
associated with an application program, said capabilities list including information 
regarding access to one or more resources for use by said application program, 
and for storing said application program and a security manager (col. 2 lines 51- 
67 and col. 3 lines 1-24); and said security manager, said security manager for 
selectively granting access to said one or more resources for use by said 
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application program based at least in part on said capabilities list (col. 2 lines 51- 
67 and col. 3 lines 1-24). 



Bacha et al. is silent in disclosing a memory for storage and a processor 
for executing said application program, however Riddle does disclose 
such elements (col. 4 lines 12-32 of Riddle) . 

It would have been obvious to one of ordinary skill to have combined the 
system for electronic repository of data enforcing access control on data 
retrieval with the method and apparatus for establishing communication 
between two teleconferencing endpoints to use a memory source and 
processor. Riddle provides motivation for the combination in the recitation 
of "a general purpose computer system. us used for implementing the 
teleconferencing application and associated processes" such, as the ones 
contained within the claim invention (col. 4 lines 1-11). 

Regarding claims 2, 26. 50 and 74 . Bacha et al. . discloses the card device of 
claim 1 wherein said one or more resources comprise at least one of data and 
functions (col. 7 lines 25-27). 

Regarding claims 3. 27. 51 and 75 . Bacha et al. . discloses the card device of 
claim 1 wherein said one or more resources comprise one or more resources 
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external to said card device (Figure 1. col. 2 lines 52-60 and col. 7 lines 25-41). 

Regarding claims 4. 28. 52 and 76 , Bacha etal. , discloses the card device of 
claim 3, further comprising at least one of: terminal side resources and channels 
of a communications network (Figure 4). 

Regarding claims 5. 29. 53 and 77 . Bacha etal. . discloses the card device of 
claim 1 wherein said one or more resources comprise one or more resources 
owned by at least one of said application program and another entity (col. 9 lines 
7-26). 

Regarding claims 6. 30. 54 and 78 . Bacha etal. . discloses the card device of 
claim 5 wherein said other entity comprise at least one of: an operating system of 
said card device and another application program (col. 5 lines 1-21). 

Regarding claims 7. 31. 55 and 79 . Bacha et al. . discloses card device of claim 1 
wherein said capabilities list comprises information regarding at least one of: 
access rights; and information required for access to a resource (Figure 2 and 
col. 3 lines 3-14). 

Regarding claims 8. 32. 56 and 80 . Bacha et aL . discloses the card device of 
claim 1 wherein said memory stores a first capabilities list and a second 
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capabilities list, said first capabilities list comprising a handle to link to said 
second capabilities list (col. 11 lines 21-31). 

Regarding claims 9. 33. 57 and 81 . Bacha at al. . discloses the card device of 
claim 8 wherein said second capabilities list is associated with one or more of 
other application programs (col. 1 1 lines 21-31). 

Regarding claims 10. 34. 58 and 82 . Bacha et al. . discloses the card device of 
claim 1 wherein said application program is for requesting access to a resource 
(col. 8 lines 3-43). 

Regarding claims 1 1 . 35. 59 and 83 . Bacha et al. . discloses the card device of 
claim 1 wherein said application program is for transmitting a resource access 
request to a security manager (col. 2 lines 51-67 and col. 3 lines 1-24); and said 
security manager is for transmitting a verify request to a verification program to 
examine said capabilities list to determine whether said application program is 
authorized to access said resource, and for performing or denying said requested 
action based at least in part on said examination (col. 2 lines 51-67 and col. 3 
lines 1-24). 
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Regarding claims 12, 36, 60 and 84 . Bacha et al. . discloses the card device of 
claim 1 1 wherein said security manager comprises an application program 
interface (API) (col. 5 lines 1-31). 

Regarding claim 13, 37. 61 and 85 . Bacha etal. . discloses the card device of 
claim 11 wherein said security manager is for obtaining information regarding 
said requesting application program through one of inquiring at a context 
originating the resource access request and a parameter provided with said 
resource access request (col. 2 lines 52-60 and col. 7 lines 25-41). 

Regarding claim 14. 38, 62 and 86 , Bacha et al. , discloses the card device of 
claim 1 , further comprising input/output means for receiving said capabilities list 
from at least one of a provider of said application program and an owner of said 
one or more resources (col. 2 lines 52-60 and col. 7 lines 25-41). 

Regarding claim 15, 39, 63 and 87 . Bacha et a!. , discloses the card device of 
claim 1 wherein said capabilities list and said application program constitute a 
load package received by said card device (Figure 2 and col. 3 lines 3-14). 



Regarding claims 16, 40, 64 and 88 , Bacha et al. , discloses the card device of 
claim 1 wherein said device is configured to modify said capabilities list based at 
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least in part on a subsequently received capabilities update list associated with . 
said application program (Figure 2, col. 3 lines 3-14 and col. 11 lines 21-31). 

Regarding claims 17, 41, 65 and 89 . Bacha et al. . is silent in disclosing the card 
device of claim 1 wherein said device is configured to delete said capabilities list 
or link and access rights upon receiving an instruction to delete said application 
program from the outside, however Riddle does disclose such elements (col. 20 
lines 20-47). 

Regarding claims 18, 42. 66 and 90 . Bacha et al. . discloses the card device of 
claim 1 wherein said capabilities list is encrypted; and said processor is 
configured to decrypt said capabilities list (col. 6 lines 28-60). 

Regarding claims 19. 43. 67 and 91 . Bacha et al. . discloses the card device of 
claim 1 wherein said capabilities list is cryptographically signed by at least one of 
a provider of said application program and an owner of said one or more 
resources (col. 6 lines 28-60); and said processor is configured to 
cryptographically authenticate said capabilities list (col. 6 lines 28-60). 



Regarding claims 20. 44. 68 and 92 . Bacha et al. . discloses the card device of 
claim 19 wherein said processor is further configured to cryptographically 
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authenticate said capabilities list when said capabilities list is stored on said 
device (col. 6 lines 28-60). 

Regarding claims 21 . 45. 69 and 93 . Bacha etal. . discloses the card device of 
claim 19 wherein said processor is further configured to cryptographically 
authenticate said capabilities list when said capabilities list is accessed, said 
capabilities list being successfully authenticated if a first fingerprint computed 
over said capabilities list upon storing capabilities list matches a second 
fingerprint computed over said capabilities list in response to a run-time request 
to use said capabilities list (col. 6 lines 28-60), 

Regarding claims 22. 45. 70. 94 . Bacha et al. . discloses the card device of claim 
1 wherein said application program comprises a plurality of modules (Figures 4, 
4Aand4B). 

Regarding claims 23. 46. 71 . 95 . Bacha et al. . discloses the card device of claim 
1 wherein said application program comprises a Java application program or a 
Java Card.TM. applet (col. 12 lines 23-39). 

Regarding claims 24. 47. 72. 96 . Bacha et al. . discloses the card device of claim 
1 wherein said capabilities list is embodied in a tag-length-value (TLV) structure 
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(col. 2 lines 51-67 and col. 3 lines 1-24). 

Regarding claims 97, Bacha et a!. , discloses a memory for storing data for 
access by an application program being executed on a data processing system, 
comprising: a data structure stored in said memory, said data structure including 
information used by said application program to determine at run-time 
information regarding access to one or more resources for use by said 
application program (col. 2 lines 51-67 and col. 3 lines 1-24). 

Regarding claims 98, Bacha et al. , is silent in disclosing a memory of claim 97 
wherein said memory is for storing said application prpgram and said data 
structure, however Riddle does disclose such elements (col. 4 lines 12-32 of 
Riddle) . 

It would have been obvious to one of ordinary skill to have combined the 
system for electronic repository of data enforcing access control on data 
retrieval with the method and apparatus for establishing communication 
between two teleconferencing endpoints to use a memory source and 
' processor. Riddle provides motivation for the combination in the recitation 
of "a general purpose computer system us used for implementing the 
teleconferencing application and associated processes" such as the ones 
contained within the claim invention (col. 4 lines 1-11). 
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Regarding claims 99, Bacha et aL . discloses a memory of claim 98 wherein said 
application program and said data structure are contiguous in said memory (col. 
8 lines 3-43). 

Regarding claims 100, Baclia et al. . discloses a memory of claim 98 wherein said 
data structure is stored within said application program in said memory (col. 8 
lines 3-43). 

. Conclusion 

9. Any Inquiry concerninig this communicatipn or earlier communications from the . 
examiner should be directed to Chinwendu C. Okoronkwo whose telephone number is 
(571) 272 2662. The examiner can nomially be reached on MWF 9:30 - 7:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser Moazzami can be reached on (571) 272 4195. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status infomiation for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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